CVE-2007-0850 - Vulnerability Details - OpenCVE

scripts/cronscript.php in SysCP 1.2.15 and earlier includes and executes arbitrary PHP scripts that are referenced by the panel_cronscript table in the SysCP database, which allows attackers with database write privileges to execute arbitrary code by constructing a PHP file and adding its filename to this table.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

The EPSS score is 0.00898.

Key SSVC decision points have not yet been added.

Vendors	Products
Syscp Team Subscribe	Syscp Subscribe

Configuration 1 [-]

OR	cpe:2.3:a:syscp_team:syscp:1.2.10:::::::*
	cpe:2.3:a:syscp_team:syscp:1.2.15:::::::*

No data.

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2007-0847	scripts/cronscript.php in SysCP 1.2.15 and earlier includes and executes arbitrary PHP scripts that are referenced by the panel_cronscript table in the SysCP database, which allows attackers with database write privileges to execute arbitrary code by constructing a PHP file and adding its filename to this table.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
http://osvdb.org/33127
http://secunia.com/advisories/24102
http://www.securityfocus.com/archive/1/459397/100/0/threaded
http://www.securityfocus.com/bid/22454
http://www.syscp.org/wiki/Security/SyscpOrgAbilityToInjectAndExecuteAnyCodeAsRootInSysCP
https://exchange.xforce.ibmcloud.com/vulnerabilities/32330

History

No history.

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-02-08T18:00:00

Updated: 2024-08-07T12:34:21.213Z

Reserved: 2007-02-08T00:00:00

Link: CVE-2007-0850

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2007-02-08T18:28:00.000

Modified: 2025-04-09T00:30:58.490

Link: CVE-2007-0850

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

NVD-CWE-Other

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-02-07T00:00:00", "descriptions": [{"lang": "en", "value": "scripts/cronscript.php in SysCP 1.2.15 and earlier includes and executes arbitrary PHP scripts that are referenced by the panel_cronscript table in the SysCP database, which allows attackers with database write privileges to execute arbitrary code by constructing a PHP file and adding its filename to this table."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-16T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "33127", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/33127"}, {"name": "22454", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/22454"}, {"name": "20070207 Ability to inject and execute any code as root in SysCP", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/459397/100/0/threaded"}, {"name": "syscp-cronscript-code-execution(32330)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32330"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.syscp.org/wiki/Security/SyscpOrgAbilityToInjectAndExecuteAnyCodeAsRootInSysCP"}, {"name": "24102", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/24102"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-0850", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "scripts/cronscript.php in SysCP 1.2.15 and earlier includes and executes arbitrary PHP scripts that are referenced by the panel_cronscript table in the SysCP database, which allows attackers with database write privileges to execute arbitrary code by constructing a PHP file and adding its filename to this table."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "33127", "refsource": "OSVDB", "url": "http://osvdb.org/33127"}, {"name": "22454", "refsource": "BID", "url": "http://www.securityfocus.com/bid/22454"}, {"name": "20070207 Ability to inject and execute any code as root in SysCP", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/459397/100/0/threaded"}, {"name": "syscp-cronscript-code-execution(32330)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32330"}, {"name": "http://www.syscp.org/wiki/Security/SyscpOrgAbilityToInjectAndExecuteAnyCodeAsRootInSysCP", "refsource": "CONFIRM", "url": "http://www.syscp.org/wiki/Security/SyscpOrgAbilityToInjectAndExecuteAnyCodeAsRootInSysCP"}, {"name": "24102", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/24102"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T12:34:21.213Z"}, "title": "CVE Program Container", "references": [{"name": "33127", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/33127"}, {"name": "22454", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/22454"}, {"name": "20070207 Ability to inject and execute any code as root in SysCP", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/459397/100/0/threaded"}, {"name": "syscp-cronscript-code-execution(32330)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32330"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.syscp.org/wiki/Security/SyscpOrgAbilityToInjectAndExecuteAnyCodeAsRootInSysCP"}, {"name": "24102", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/24102"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-0850", "datePublished": "2007-02-08T18:00:00", "dateReserved": "2007-02-08T00:00:00", "dateUpdated": "2024-08-07T12:34:21.213Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:syscp_team:syscp:1.2.10:*:*:*:*:*:*:*", "matchCriteriaId": "3034B734-7033-4D45-8CE2-CADEDD45C498", "vulnerable": true}, {"criteria": "cpe:2.3:a:syscp_team:syscp:1.2.15:*:*:*:*:*:*:*", "matchCriteriaId": "1A297557-9099-40C8-83C4-99093C05C7BE", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "scripts/cronscript.php in SysCP 1.2.15 and earlier includes and executes arbitrary PHP scripts that are referenced by the panel_cronscript table in the SysCP database, which allows attackers with database write privileges to execute arbitrary code by constructing a PHP file and adding its filename to this table."}, {"lang": "es", "value": "scripts/cronscript.php en SysCP 1.2.15 y anteriores incluye y ejecuta secuencias de comandos PHP de su elecci\u00f3n a que son referenciados por la tabla panel_cronscript en la base de datos SysCP, lo cual permite a los atacantes con una base de datos escribir privilegios para ejecutar c\u00f3digo de su elecci\u00f3n construyendo un archivo PHP y agregando su nombre de fichero a esta tabla.\r\n"}], "id": "CVE-2007-0850", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-02-08T18:28:00.000", "references": [{"source": "cve@mitre.org", "url": "http://osvdb.org/33127"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/24102"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/459397/100/0/threaded"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Vendor Advisory"], "url": "http://www.securityfocus.com/bid/22454"}, {"source": "cve@mitre.org", "url": "http://www.syscp.org/wiki/Security/SyscpOrgAbilityToInjectAndExecuteAnyCodeAsRootInSysCP"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32330"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/33127"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/24102"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/459397/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Vendor Advisory"], "url": "http://www.securityfocus.com/bid/22454"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.syscp.org/wiki/Security/SyscpOrgAbilityToInjectAndExecuteAnyCodeAsRootInSysCP"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32330"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}